If a Security Technical Implementation Guide (STIG) configuration parameter is more restrictive than the associated FedRAMP Rev. 5 baseline requirement, the cloud service provider is under no obligation to implement the STIG parameter unless it is covered under an Executive Order or DHS Emergency Directive.
Comments
0 comments
Please sign in to leave a comment.